In recent times banks and other financial organizations have been actively adopting web banking services (Internet banking) as part of the banking services. Web banking is the general term for technologies of remote banking services, as well as access to accounts and operations (with them) available at any time and from any computer having access to the Internet. To perform these operations, a web client (such as a browser) is typically used.
The widespread use of such technologies naturally attracts hackers, who are interested in stealing funds from the accounts of the users of the remote service systems. One of the popular attacks on the users of web banking is an attack during which malicious software is put in place of the contents of the web page being displayed to the user. The malicious software embeds a HTML code in the web page. This attack is often called a “man in the browser” or “web code injection” attack. The attack may start with the use of a Trojan application, for example, which installs a malicious extension in the victim's browser, which is launched when the browser is restarted. There then occurs an intercepting of the user's traffic being routed to a particular web site (most often a banking site). The web page being displayed to the user is then altered (during its loading or opening), making it possible to modify the external appearance of a particular element of the web page, steal the victim's authentication data being entered, or redirect funds being transferred by the user to a third-party account.
Solutions existing at present appear to be aimed at increasing the secure working of a user in a network with regard to attacks which introduce outside code into a web page. However, these solutions do not effectively determine whether a web page has been altered by malicious software, and identify anomalous elements in the web page version at the user's end without installing additional software. At the same time, the additional software such as various security clients, thin clients (light agents), and other antivirus means are not always able to be installed at the user's end, which ultimately results in errors in the operation of the antivirus application. Thus, for example, an error of a first kind may involve letting through an attack of the “man in the browser” type to the computing system in order to seize the data transfer channel and obtain access to all information being transferred, and an error of a second kind may involve the erroneous determination of a legitimate web page alteration at the user's end as being anomalous.